Author Topic: Tests and other Media topics  (Read 434755 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #960 on: January 15, 2022, 01:37:34 PM »
Test your domain to be GDPR-compliant: https://2gdpr.com/

These our forums had the following issues:

Prior consent to other than strictly necessary cookies (ePrivacy)
Possible problems! Hide
What's the Problem:
Cookies installed during the loading of pages are not strictly necessary. For EU users these cookies can be installed after obtaining prior consent (Rec. 30 and Rec. 32 of the GDPR)

How to Solve it:
On the site you need to install prominent and specific cookie-banner with a consent form to get user consent, or to block cookies in case of consent refusal. You can create such cookie consent here

Pages list:
Below are the webpages loaded and cookies that require prior consent from EU users to be installed:

https://forum.avast.com/index.php?topic=315188.msg1675451
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?action=help
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?action=search
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?board=125.0
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?topic=315479.msg1675505
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?board=126.0
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?board=127.0
Cookie (Google Analytics): _gid; _ga; _gat;
https://forum.avast.com/index.php?board=128.0
Cookie (Google Analytics): _gid; _ga; _gat;

Like in Austria this could mean Google Analytics can no longer be used in the EU.

Steps that could be taken to make Google 'Analytrics' being more privacy compliant, script:
Quote
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id= UA- xxxxxxx-x "></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-xxxxxxx-x', { 'anonymize_ip': true }); // ##: This to enable IPmasking
</script>

polonus
« Last Edit: January 15, 2022, 01:39:19 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #961 on: January 15, 2022, 10:52:12 PM »
I should admit, that the script that is being presented in the previous posting (quote)
is more or less a form of window-dressing, because that IP has being loaded from Googles servers beforehand anyway. That IP has been made pseudo-anonymous. Google can calculate it anyway.
Actually google-analytics is 'spook-ware', coming with all that javascript included.

Through just this line of code Google knows the IP through that script being loaded,
<script async src="htxps://www.googletagmanager.com/gtag/js?id= UA- xxxxxxx-x "></script>
<script>

So as coming from the EU we users may find websites outside of the EU blocking us.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #962 on: January 22, 2022, 03:33:26 PM »
Whenever one finds oneself blocked from CloudFlare's, it could be helpful to know the real IP of that particular website: https://shadowcrypt.net/tools/cloudflare

Other interesting tools can be found there also: https://shadowcrypt.net/tools/tor-checker

And this one: https://shadowcrypt.net/tools/asn-finder
Random example:
Quote
Results of 122.161.48.17


   


   

       
       
   

    122.161.48.0/20
PACNET (proxy-registered route object)
This route object is for a PACNET customer route which is
This route object was created because no existing route
ANC peers filter based on these objects this route
  122.161.48.0/24

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #963 on: January 22, 2022, 04:58:46 PM »
Tested IP leaks for my browser VPN, see: https://www.whatsmydns.net/#A/138.68.180.132
at //www.top10vpn.com/tools/do-i-leak/

Results:
IPv4/IPv6             No Leak
DNS                     No Leak
WebRTC                No Leak
Geolocation           No Leak
Additional Tests     No Leak

Testing the Great Firewall now using BLOCKY:
https://blocky.greatfire.org/

Recently blocked: https://en.greatfire.org/https/forum.avast.com/index.php%
No censorship detected October last: https://blocky.greatfire.org/detail/169946/http%3A%2F%2Fforum.avast.com

polonus
« Last Edit: January 22, 2022, 05:18:47 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #965 on: January 23, 2022, 03:01:32 PM »
« Last Edit: January 23, 2022, 03:12:17 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #966 on: January 23, 2022, 10:53:07 PM »
Information to circumvent CloudFlare blocking from behind a proxy or VPN,
use the CloudFlare resolver tool: https://shadowcrypt.net/tools/cloudflare
and also via the info here at https://waf-bypass.com for CloudFlare, Amazon etc. etc.

Also handy when the newly planned EU DNS with URL-filter will be implemented,
or whenever one is being blocked working a tor browser.

Big Brother will be inviting you to a cat- and mouse-game for the last remnants of your privacy and free info gathering. That is what the future has in store for us all (opinion-checking etc.).

Test your WAF online here: https://labs.cloudbric.com/wafer/waf (change DNS to verify)

polonus
« Last Edit: January 23, 2022, 11:31:00 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #967 on: February 07, 2022, 11:43:37 AM »
Report a PHISH to the Phish-bowl:
https://uthsc.edu/its/cybersecurity/phish-bowl.php

Phishing-investigation:
https://xsoar.pan.dev/docs/reference/playbooks/phishing-investigation---generic-v2

Fighting scam and spam on the Interwebz:
https://419scam.org/emails/2022-01/04/02115157.92.htm  (random example)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #968 on: February 12, 2022, 02:08:54 PM »
20.000 Word Press CMS websites found vulnerable to critical PHP leaks.

Only 31% of such websites have chosen to patch:
https://wordpress.org/plugins/php-everywhere/advanced/

See how weak PHP and fatal errors in coding can easily produce disaster:
https://www.fatalerrors.org/a/php-weak-type-code-commadn-injection.html

So with PHP-encoded CMS:  "Don't EVER trust user input anywhere".

Have a slick website developed. But forget to spend money on any maintanance.
So weak PHP, later a small exploit, and your website can get hacked and worse.

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #969 on: February 12, 2022, 05:38:23 PM »
Various online tools, example : https://online-toolz.com/tools/html-validator.php

When valid you get "valid". Valid found here: -fusedeck.com (random example).

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #970 on: February 14, 2022, 12:04:41 PM »
Scanned this particular random site through
@ https://www.web-malware-removal.com/website-malware-virus-scanner/

Cloaking found on the webserver.
Server Details:

apache

Google and Web-Browser Content different!
Google: 63763 bytes       Firefox: 63967 bytes,    Diff:   204 bytes

l" class="rss_link">rss</a> <a href="hxtps://twitter.com/securitynl" target="_blank" class="twitter_link">twitter</a> </div> </div> </div> </div> </body> </html> ...

Above was found using Free Website Malware / Virus Scan

The cloaking was not found to rside on the website while scanning at:
https://isithacked.com/check

polonus (3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #972 on: February 17, 2022, 04:04:38 PM »
Stable Trackers List - intresting:
https://newtrackon.com/list

Random examples:
Quote
-dp://tracker.dler.com:6969/announce

-udp://fe.dealclub.de:6969/announce

-udp://movies.zsw.ca:6969/announce

-udp://6ahddutb1ucc3cp.ru:6969/announce

udp://abufinzio.monocul.us:6969/announce

-http://btracker.top:11451/announce

-udp://vibe.sleepyinternetfun.xyz:1738/announce

-udp://tracker.torrent.eu.org:451/announce

-udp://tracker.auctor.tv:6969/announce

-https://tr.burnabyhighstar.com:443/announce

-udp://tracker.sylphix.com:6969/announce

-udp://torrentclub.space:6969/announce

-udp://tracker.srv00.com:6969/announce

-udp://tracker.opentrackr.org:1337/announce
etc. etc.

Not being flagged elsewhere, see: https://quttera.com/detailed_report/torrentclub.space

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: Tests and other Media topics
« Reply #973 on: February 18, 2022, 05:40:16 PM »
How did you score here? Instant Security Scan by Zscaler's.
Re: http://securitypreview.zscaler.com/#

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86674
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #974 on: February 18, 2022, 06:20:56 PM »
How did you score here? Instant Security Scan by Zscaler's.
Re: http://securitypreview.zscaler.com/#

pol

I don't know if this was also your intent as the http prefix triggers Firefox http every check.

Allowing it does a redirect to what is also an http page, which is pretty poor on the part of Zscaler when this is supposedly a security based check ???

So I didn't proceed any further, who knows if they would then spring a 'what are you doing visiting non https pages' comment.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security